Mail on CentOS Server

Clear All
As promised here is a small article explaining the implementation of a mail server on CentOS with access secure IMAP (SSL encryption). We are talking here about a situation very simple, users are local accounts of the system, messages are stored in their personal directory. This is what you should do for a personal server or with few users.

For the SMTP (send/receive) function we use Postfix, and for accessing IMAP (mail via a remote messaging client consultation) it will be Dovecot. The server will be able to receive mail, but we will not treat the sending part (you can go through any SMTP, for example that of your ISP) because all ways 25 outgoing port is blocked on the outside.
Cases and prerequisites

You must have a domain name on internet redirected you (otherwise the reception of mails will be impossible). If you go through a router with NAT layer remember to redirect port 25 on your server.

In this tutorial we will take as (fictional) area:

The installation requires no special handling. If you go through the DVD, you will have the choice of the “roles”, select “Minimal”.

The network configuration is detailed on this page, or on the documentation of CentOS.

In system-config-network-tui, don’t forget to go ride in “DNS Configuration” to enter your host name (for example
Update and installation

First perform an update of the system and then install Postfix and Dovecot:

# yum update y
# yum install dovecot postfix

Then it adds to the start these two daemons:

# chkconfig postfix on
# chkconfig dovecot on


Before going any further we’ll have get or create a certificate and SSL private key. You can do it yourself with openssl, or ask for free on GlobalSign.NET (Linuxfr uses these certificates).

The key (freeman.key) is to put in/etc/pki/tls/private.
The certificate (freeman.crt) is to put in/etc/pki/tls/certs.

Then they are given good rights:

# chmod 0400 /etc/pki/tls/private/freeman.key
# chmod 0444 /etc/pki/tls/certs/freeman.crt

We’ll see after that Dovecot is responsible as root, so theoretically it has rights to read on freeman.key, but SELinux blocks. To compensate for this should be the following manipulation:

# restorecon – RvF/etc/pki

Postfix configuration

The configuration is done in the file, which is located in/etc/postfix. It will then define some aliases in/etc/aliases but we will see later.

# vi /etc/postfix/

Each parameter is widely commented and humanly understandable. Here, in the context of our tutorial, the settings to change:

myorigin =
inet_interfaces = all
inet_protocols = ipv4
mydestination =
home_mailbox = Maildir /.

Save and close. We then define the alias. We are going to redirect mail for root to the user “xavier”:

# vi/etc/aliases
# Person who should get root’s mail
root: xavier

Apply the alias and start postfix:

# newaliases(8)
# service postfix start

Create an account

As seen previously we do the “xavier” account:

# useradd m xavier
passwd xavier

The address of this account is Tip: to have a address, use an alias (xavier.chotard: xavier).
Dovecot configuration

The configuration is cleverly divided into several configuration files:

# vi /etc/dovecot/dovecot.conf
protocols = imap

# vi /etc/dovecot/conf.d/10-mail.conf
mail_location = maildir: ~ / Maildir

# vi /etc/dovecot/conf.d/10-ssl.conf
ssl_cert =